]>
Commit | Line | Data |
---|---|---|
d02b48c6 | 1 | /* crypto/dh/dhtest.c */ |
58964a49 | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
d02b48c6 RE |
3 | * All rights reserved. |
4 | * | |
5 | * This package is an SSL implementation written | |
6 | * by Eric Young (eay@cryptsoft.com). | |
7 | * The implementation was written so as to conform with Netscapes SSL. | |
8 | * | |
9 | * This library is free for commercial and non-commercial use as long as | |
10 | * the following conditions are aheared to. The following conditions | |
11 | * apply to all code found in this distribution, be it the RC4, RSA, | |
12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | |
13 | * included with this distribution is covered by the same copyright terms | |
14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | |
15 | * | |
16 | * Copyright remains Eric Young's, and as such any Copyright notices in | |
17 | * the code are not to be removed. | |
18 | * If this package is used in a product, Eric Young should be given attribution | |
19 | * as the author of the parts of the library used. | |
20 | * This can be in the form of a textual message at program startup or | |
21 | * in documentation (online or textual) provided with the package. | |
22 | * | |
23 | * Redistribution and use in source and binary forms, with or without | |
24 | * modification, are permitted provided that the following conditions | |
25 | * are met: | |
26 | * 1. Redistributions of source code must retain the copyright | |
27 | * notice, this list of conditions and the following disclaimer. | |
28 | * 2. Redistributions in binary form must reproduce the above copyright | |
29 | * notice, this list of conditions and the following disclaimer in the | |
30 | * documentation and/or other materials provided with the distribution. | |
31 | * 3. All advertising materials mentioning features or use of this software | |
32 | * must display the following acknowledgement: | |
33 | * "This product includes cryptographic software written by | |
34 | * Eric Young (eay@cryptsoft.com)" | |
35 | * The word 'cryptographic' can be left out if the rouines from the library | |
36 | * being used are not cryptographic related :-). | |
37 | * 4. If you include any Windows specific code (or a derivative thereof) from | |
38 | * the apps directory (application code) you must include an acknowledgement: | |
39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | |
40 | * | |
41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | |
42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | |
45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
51 | * SUCH DAMAGE. | |
52 | * | |
53 | * The licence and distribution terms for any publically available version or | |
54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | |
55 | * copied and put under another distribution licence | |
56 | * [including the GNU Public Licence.] | |
57 | */ | |
58 | ||
59 | #include <stdio.h> | |
60 | #include <stdlib.h> | |
61 | #include <string.h> | |
55f78baf RL |
62 | |
63 | #include "../e_os.h" | |
64 | ||
ec577822 BM |
65 | #include <openssl/crypto.h> |
66 | #include <openssl/bio.h> | |
67 | #include <openssl/bn.h> | |
b0bb2b91 | 68 | #include <openssl/rand.h> |
cb78486d | 69 | #include <openssl/err.h> |
f5d7a031 | 70 | |
cf1b7d96 | 71 | #ifdef OPENSSL_NO_DH |
f5d7a031 UM |
72 | int main(int argc, char *argv[]) |
73 | { | |
74 | printf("No DH support\n"); | |
75 | return(0); | |
76 | } | |
77 | #else | |
ec577822 | 78 | #include <openssl/dh.h> |
d02b48c6 | 79 | |
bc36ee62 | 80 | #ifdef OPENSSL_SYS_WIN16 |
d02b48c6 RE |
81 | #define MS_CALLBACK _far _loadds |
82 | #else | |
83 | #define MS_CALLBACK | |
84 | #endif | |
85 | ||
2aaec9cc | 86 | static int MS_CALLBACK cb(int p, int n, BN_GENCB *arg); |
d02b48c6 | 87 | |
7d388202 BM |
88 | static const char rnd_seed[] = "string to make the random number generator think it has entropy"; |
89 | ||
20bee968 DSH |
90 | static int run_rfc5114_tests(void); |
91 | ||
6b691a5c | 92 | int main(int argc, char *argv[]) |
d02b48c6 | 93 | { |
829ccf6a MC |
94 | BN_GENCB *_cb; |
95 | DH *a=NULL; | |
95fdc5ee | 96 | DH *b=NULL; |
d02b48c6 RE |
97 | char buf[12]; |
98 | unsigned char *abuf=NULL,*bbuf=NULL; | |
99 | int i,alen,blen,aout,bout,ret=1; | |
79875776 | 100 | BIO *out; |
d02b48c6 | 101 | |
cb78486d GT |
102 | CRYPTO_malloc_debug_init(); |
103 | CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL); | |
104 | CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); | |
105 | ||
bc36ee62 | 106 | #ifdef OPENSSL_SYS_WIN32 |
d02b48c6 RE |
107 | CRYPTO_malloc_init(); |
108 | #endif | |
109 | ||
7d388202 BM |
110 | RAND_seed(rnd_seed, sizeof rnd_seed); |
111 | ||
d02b48c6 | 112 | out=BIO_new(BIO_s_file()); |
55f78baf | 113 | if (out == NULL) EXIT(1); |
d02b48c6 RE |
114 | BIO_set_fp(out,stdout,BIO_NOCLOSE); |
115 | ||
829ccf6a MC |
116 | _cb = BN_GENCB_new(); |
117 | if(!_cb) | |
118 | goto err; | |
119 | BN_GENCB_set(_cb, &cb, out); | |
2aaec9cc | 120 | if(((a = DH_new()) == NULL) || !DH_generate_parameters_ex(a, 64, |
829ccf6a | 121 | DH_GENERATOR_5, _cb)) |
2aaec9cc | 122 | goto err; |
d02b48c6 | 123 | |
82652aaf BM |
124 | if (!DH_check(a, &i)) goto err; |
125 | if (i & DH_CHECK_P_NOT_PRIME) | |
126 | BIO_puts(out, "p value is not prime\n"); | |
127 | if (i & DH_CHECK_P_NOT_SAFE_PRIME) | |
128 | BIO_puts(out, "p value is not a safe prime\n"); | |
129 | if (i & DH_UNABLE_TO_CHECK_GENERATOR) | |
130 | BIO_puts(out, "unable to check the generator value\n"); | |
131 | if (i & DH_NOT_SUITABLE_GENERATOR) | |
132 | BIO_puts(out, "the g value is not a generator\n"); | |
133 | ||
d02b48c6 RE |
134 | BIO_puts(out,"\np ="); |
135 | BN_print(out,a->p); | |
136 | BIO_puts(out,"\ng ="); | |
137 | BN_print(out,a->g); | |
138 | BIO_puts(out,"\n"); | |
139 | ||
140 | b=DH_new(); | |
141 | if (b == NULL) goto err; | |
142 | ||
143 | b->p=BN_dup(a->p); | |
144 | b->g=BN_dup(a->g); | |
145 | if ((b->p == NULL) || (b->g == NULL)) goto err; | |
146 | ||
46a64376 BM |
147 | /* Set a to run with normal modexp and b to use constant time */ |
148 | a->flags &= ~DH_FLAG_NO_EXP_CONSTTIME; | |
149 | b->flags |= DH_FLAG_NO_EXP_CONSTTIME; | |
150 | ||
d02b48c6 RE |
151 | if (!DH_generate_key(a)) goto err; |
152 | BIO_puts(out,"pri 1="); | |
153 | BN_print(out,a->priv_key); | |
154 | BIO_puts(out,"\npub 1="); | |
155 | BN_print(out,a->pub_key); | |
156 | BIO_puts(out,"\n"); | |
157 | ||
158 | if (!DH_generate_key(b)) goto err; | |
159 | BIO_puts(out,"pri 2="); | |
160 | BN_print(out,b->priv_key); | |
161 | BIO_puts(out,"\npub 2="); | |
162 | BN_print(out,b->pub_key); | |
163 | BIO_puts(out,"\n"); | |
164 | ||
165 | alen=DH_size(a); | |
26a3a48d | 166 | abuf=(unsigned char *)OPENSSL_malloc(alen); |
d02b48c6 RE |
167 | aout=DH_compute_key(abuf,b->pub_key,a); |
168 | ||
169 | BIO_puts(out,"key1 ="); | |
170 | for (i=0; i<aout; i++) | |
171 | { | |
172 | sprintf(buf,"%02X",abuf[i]); | |
173 | BIO_puts(out,buf); | |
174 | } | |
175 | BIO_puts(out,"\n"); | |
176 | ||
177 | blen=DH_size(b); | |
26a3a48d | 178 | bbuf=(unsigned char *)OPENSSL_malloc(blen); |
d02b48c6 RE |
179 | bout=DH_compute_key(bbuf,a->pub_key,b); |
180 | ||
181 | BIO_puts(out,"key2 ="); | |
182 | for (i=0; i<bout; i++) | |
183 | { | |
184 | sprintf(buf,"%02X",bbuf[i]); | |
185 | BIO_puts(out,buf); | |
186 | } | |
187 | BIO_puts(out,"\n"); | |
188 | if ((aout < 4) || (bout != aout) || (memcmp(abuf,bbuf,aout) != 0)) | |
189 | { | |
190 | fprintf(stderr,"Error in DH routines\n"); | |
191 | ret=1; | |
192 | } | |
193 | else | |
194 | ret=0; | |
20bee968 DSH |
195 | if (!run_rfc5114_tests()) |
196 | ret = 1; | |
d02b48c6 | 197 | err: |
82652aaf BM |
198 | ERR_print_errors_fp(stderr); |
199 | ||
26a3a48d RL |
200 | if (abuf != NULL) OPENSSL_free(abuf); |
201 | if (bbuf != NULL) OPENSSL_free(bbuf); | |
79875776 BM |
202 | if(b != NULL) DH_free(b); |
203 | if(a != NULL) DH_free(a); | |
829ccf6a | 204 | if(_cb) BN_GENCB_free(_cb); |
79875776 | 205 | BIO_free(out); |
4d8743f4 RL |
206 | #ifdef OPENSSL_SYS_NETWARE |
207 | if (ret) printf("ERROR: %d\n", ret); | |
208 | #endif | |
55f78baf | 209 | EXIT(ret); |
d02b48c6 RE |
210 | return(ret); |
211 | } | |
212 | ||
2aaec9cc | 213 | static int MS_CALLBACK cb(int p, int n, BN_GENCB *arg) |
d02b48c6 RE |
214 | { |
215 | char c='*'; | |
216 | ||
217 | if (p == 0) c='.'; | |
218 | if (p == 1) c='+'; | |
219 | if (p == 2) c='*'; | |
220 | if (p == 3) c='\n'; | |
829ccf6a MC |
221 | BIO_write(BN_GENCB_get_arg(arg),&c,1); |
222 | (void)BIO_flush(BN_GENCB_get_arg(arg)); | |
2aaec9cc | 223 | return 1; |
d02b48c6 | 224 | } |
20bee968 DSH |
225 | |
226 | /* Test data from RFC 5114 */ | |
227 | ||
228 | static const unsigned char dhtest_1024_160_xA[] = { | |
229 | 0xB9,0xA3,0xB3,0xAE,0x8F,0xEF,0xC1,0xA2,0x93,0x04,0x96,0x50, | |
230 | 0x70,0x86,0xF8,0x45,0x5D,0x48,0x94,0x3E | |
231 | }; | |
232 | static const unsigned char dhtest_1024_160_yA[] = { | |
233 | 0x2A,0x85,0x3B,0x3D,0x92,0x19,0x75,0x01,0xB9,0x01,0x5B,0x2D, | |
234 | 0xEB,0x3E,0xD8,0x4F,0x5E,0x02,0x1D,0xCC,0x3E,0x52,0xF1,0x09, | |
235 | 0xD3,0x27,0x3D,0x2B,0x75,0x21,0x28,0x1C,0xBA,0xBE,0x0E,0x76, | |
236 | 0xFF,0x57,0x27,0xFA,0x8A,0xCC,0xE2,0x69,0x56,0xBA,0x9A,0x1F, | |
237 | 0xCA,0x26,0xF2,0x02,0x28,0xD8,0x69,0x3F,0xEB,0x10,0x84,0x1D, | |
238 | 0x84,0xA7,0x36,0x00,0x54,0xEC,0xE5,0xA7,0xF5,0xB7,0xA6,0x1A, | |
239 | 0xD3,0xDF,0xB3,0xC6,0x0D,0x2E,0x43,0x10,0x6D,0x87,0x27,0xDA, | |
240 | 0x37,0xDF,0x9C,0xCE,0x95,0xB4,0x78,0x75,0x5D,0x06,0xBC,0xEA, | |
241 | 0x8F,0x9D,0x45,0x96,0x5F,0x75,0xA5,0xF3,0xD1,0xDF,0x37,0x01, | |
242 | 0x16,0x5F,0xC9,0xE5,0x0C,0x42,0x79,0xCE,0xB0,0x7F,0x98,0x95, | |
243 | 0x40,0xAE,0x96,0xD5,0xD8,0x8E,0xD7,0x76 | |
244 | }; | |
245 | static const unsigned char dhtest_1024_160_xB[] = { | |
246 | 0x93,0x92,0xC9,0xF9,0xEB,0x6A,0x7A,0x6A,0x90,0x22,0xF7,0xD8, | |
247 | 0x3E,0x72,0x23,0xC6,0x83,0x5B,0xBD,0xDA | |
248 | }; | |
249 | static const unsigned char dhtest_1024_160_yB[] = { | |
250 | 0x71,0x7A,0x6C,0xB0,0x53,0x37,0x1F,0xF4,0xA3,0xB9,0x32,0x94, | |
251 | 0x1C,0x1E,0x56,0x63,0xF8,0x61,0xA1,0xD6,0xAD,0x34,0xAE,0x66, | |
252 | 0x57,0x6D,0xFB,0x98,0xF6,0xC6,0xCB,0xF9,0xDD,0xD5,0xA5,0x6C, | |
253 | 0x78,0x33,0xF6,0xBC,0xFD,0xFF,0x09,0x55,0x82,0xAD,0x86,0x8E, | |
254 | 0x44,0x0E,0x8D,0x09,0xFD,0x76,0x9E,0x3C,0xEC,0xCD,0xC3,0xD3, | |
255 | 0xB1,0xE4,0xCF,0xA0,0x57,0x77,0x6C,0xAA,0xF9,0x73,0x9B,0x6A, | |
256 | 0x9F,0xEE,0x8E,0x74,0x11,0xF8,0xD6,0xDA,0xC0,0x9D,0x6A,0x4E, | |
257 | 0xDB,0x46,0xCC,0x2B,0x5D,0x52,0x03,0x09,0x0E,0xAE,0x61,0x26, | |
258 | 0x31,0x1E,0x53,0xFD,0x2C,0x14,0xB5,0x74,0xE6,0xA3,0x10,0x9A, | |
259 | 0x3D,0xA1,0xBE,0x41,0xBD,0xCE,0xAA,0x18,0x6F,0x5C,0xE0,0x67, | |
260 | 0x16,0xA2,0xB6,0xA0,0x7B,0x3C,0x33,0xFE | |
261 | }; | |
262 | static const unsigned char dhtest_1024_160_Z[] = { | |
263 | 0x5C,0x80,0x4F,0x45,0x4D,0x30,0xD9,0xC4,0xDF,0x85,0x27,0x1F, | |
264 | 0x93,0x52,0x8C,0x91,0xDF,0x6B,0x48,0xAB,0x5F,0x80,0xB3,0xB5, | |
265 | 0x9C,0xAA,0xC1,0xB2,0x8F,0x8A,0xCB,0xA9,0xCD,0x3E,0x39,0xF3, | |
266 | 0xCB,0x61,0x45,0x25,0xD9,0x52,0x1D,0x2E,0x64,0x4C,0x53,0xB8, | |
267 | 0x07,0xB8,0x10,0xF3,0x40,0x06,0x2F,0x25,0x7D,0x7D,0x6F,0xBF, | |
268 | 0xE8,0xD5,0xE8,0xF0,0x72,0xE9,0xB6,0xE9,0xAF,0xDA,0x94,0x13, | |
269 | 0xEA,0xFB,0x2E,0x8B,0x06,0x99,0xB1,0xFB,0x5A,0x0C,0xAC,0xED, | |
270 | 0xDE,0xAE,0xAD,0x7E,0x9C,0xFB,0xB3,0x6A,0xE2,0xB4,0x20,0x83, | |
271 | 0x5B,0xD8,0x3A,0x19,0xFB,0x0B,0x5E,0x96,0xBF,0x8F,0xA4,0xD0, | |
272 | 0x9E,0x34,0x55,0x25,0x16,0x7E,0xCD,0x91,0x55,0x41,0x6F,0x46, | |
273 | 0xF4,0x08,0xED,0x31,0xB6,0x3C,0x6E,0x6D | |
274 | }; | |
275 | static const unsigned char dhtest_2048_224_xA[] = { | |
276 | 0x22,0xE6,0x26,0x01,0xDB,0xFF,0xD0,0x67,0x08,0xA6,0x80,0xF7, | |
277 | 0x47,0xF3,0x61,0xF7,0x6D,0x8F,0x4F,0x72,0x1A,0x05,0x48,0xE4, | |
278 | 0x83,0x29,0x4B,0x0C | |
279 | }; | |
280 | static const unsigned char dhtest_2048_224_yA[] = { | |
281 | 0x1B,0x3A,0x63,0x45,0x1B,0xD8,0x86,0xE6,0x99,0xE6,0x7B,0x49, | |
282 | 0x4E,0x28,0x8B,0xD7,0xF8,0xE0,0xD3,0x70,0xBA,0xDD,0xA7,0xA0, | |
283 | 0xEF,0xD2,0xFD,0xE7,0xD8,0xF6,0x61,0x45,0xCC,0x9F,0x28,0x04, | |
284 | 0x19,0x97,0x5E,0xB8,0x08,0x87,0x7C,0x8A,0x4C,0x0C,0x8E,0x0B, | |
285 | 0xD4,0x8D,0x4A,0x54,0x01,0xEB,0x1E,0x87,0x76,0xBF,0xEE,0xE1, | |
286 | 0x34,0xC0,0x38,0x31,0xAC,0x27,0x3C,0xD9,0xD6,0x35,0xAB,0x0C, | |
287 | 0xE0,0x06,0xA4,0x2A,0x88,0x7E,0x3F,0x52,0xFB,0x87,0x66,0xB6, | |
288 | 0x50,0xF3,0x80,0x78,0xBC,0x8E,0xE8,0x58,0x0C,0xEF,0xE2,0x43, | |
289 | 0x96,0x8C,0xFC,0x4F,0x8D,0xC3,0xDB,0x08,0x45,0x54,0x17,0x1D, | |
290 | 0x41,0xBF,0x2E,0x86,0x1B,0x7B,0xB4,0xD6,0x9D,0xD0,0xE0,0x1E, | |
291 | 0xA3,0x87,0xCB,0xAA,0x5C,0xA6,0x72,0xAF,0xCB,0xE8,0xBD,0xB9, | |
292 | 0xD6,0x2D,0x4C,0xE1,0x5F,0x17,0xDD,0x36,0xF9,0x1E,0xD1,0xEE, | |
293 | 0xDD,0x65,0xCA,0x4A,0x06,0x45,0x5C,0xB9,0x4C,0xD4,0x0A,0x52, | |
294 | 0xEC,0x36,0x0E,0x84,0xB3,0xC9,0x26,0xE2,0x2C,0x43,0x80,0xA3, | |
295 | 0xBF,0x30,0x9D,0x56,0x84,0x97,0x68,0xB7,0xF5,0x2C,0xFD,0xF6, | |
296 | 0x55,0xFD,0x05,0x3A,0x7E,0xF7,0x06,0x97,0x9E,0x7E,0x58,0x06, | |
297 | 0xB1,0x7D,0xFA,0xE5,0x3A,0xD2,0xA5,0xBC,0x56,0x8E,0xBB,0x52, | |
298 | 0x9A,0x7A,0x61,0xD6,0x8D,0x25,0x6F,0x8F,0xC9,0x7C,0x07,0x4A, | |
299 | 0x86,0x1D,0x82,0x7E,0x2E,0xBC,0x8C,0x61,0x34,0x55,0x31,0x15, | |
300 | 0xB7,0x0E,0x71,0x03,0x92,0x0A,0xA1,0x6D,0x85,0xE5,0x2B,0xCB, | |
301 | 0xAB,0x8D,0x78,0x6A,0x68,0x17,0x8F,0xA8,0xFF,0x7C,0x2F,0x5C, | |
302 | 0x71,0x64,0x8D,0x6F | |
303 | }; | |
304 | static const unsigned char dhtest_2048_224_xB[] = { | |
305 | 0x4F,0xF3,0xBC,0x96,0xC7,0xFC,0x6A,0x6D,0x71,0xD3,0xB3,0x63, | |
306 | 0x80,0x0A,0x7C,0xDF,0xEF,0x6F,0xC4,0x1B,0x44,0x17,0xEA,0x15, | |
307 | 0x35,0x3B,0x75,0x90 | |
308 | }; | |
309 | static const unsigned char dhtest_2048_224_yB[] = { | |
310 | 0x4D,0xCE,0xE9,0x92,0xA9,0x76,0x2A,0x13,0xF2,0xF8,0x38,0x44, | |
311 | 0xAD,0x3D,0x77,0xEE,0x0E,0x31,0xC9,0x71,0x8B,0x3D,0xB6,0xC2, | |
312 | 0x03,0x5D,0x39,0x61,0x18,0x2C,0x3E,0x0B,0xA2,0x47,0xEC,0x41, | |
313 | 0x82,0xD7,0x60,0xCD,0x48,0xD9,0x95,0x99,0x97,0x06,0x22,0xA1, | |
314 | 0x88,0x1B,0xBA,0x2D,0xC8,0x22,0x93,0x9C,0x78,0xC3,0x91,0x2C, | |
315 | 0x66,0x61,0xFA,0x54,0x38,0xB2,0x07,0x66,0x22,0x2B,0x75,0xE2, | |
316 | 0x4C,0x2E,0x3A,0xD0,0xC7,0x28,0x72,0x36,0x12,0x95,0x25,0xEE, | |
317 | 0x15,0xB5,0xDD,0x79,0x98,0xAA,0x04,0xC4,0xA9,0x69,0x6C,0xAC, | |
318 | 0xD7,0x17,0x20,0x83,0xA9,0x7A,0x81,0x66,0x4E,0xAD,0x2C,0x47, | |
319 | 0x9E,0x44,0x4E,0x4C,0x06,0x54,0xCC,0x19,0xE2,0x8D,0x77,0x03, | |
320 | 0xCE,0xE8,0xDA,0xCD,0x61,0x26,0xF5,0xD6,0x65,0xEC,0x52,0xC6, | |
321 | 0x72,0x55,0xDB,0x92,0x01,0x4B,0x03,0x7E,0xB6,0x21,0xA2,0xAC, | |
322 | 0x8E,0x36,0x5D,0xE0,0x71,0xFF,0xC1,0x40,0x0A,0xCF,0x07,0x7A, | |
323 | 0x12,0x91,0x3D,0xD8,0xDE,0x89,0x47,0x34,0x37,0xAB,0x7B,0xA3, | |
324 | 0x46,0x74,0x3C,0x1B,0x21,0x5D,0xD9,0xC1,0x21,0x64,0xA7,0xE4, | |
325 | 0x05,0x31,0x18,0xD1,0x99,0xBE,0xC8,0xEF,0x6F,0xC5,0x61,0x17, | |
326 | 0x0C,0x84,0xC8,0x7D,0x10,0xEE,0x9A,0x67,0x4A,0x1F,0xA8,0xFF, | |
327 | 0xE1,0x3B,0xDF,0xBA,0x1D,0x44,0xDE,0x48,0x94,0x6D,0x68,0xDC, | |
328 | 0x0C,0xDD,0x77,0x76,0x35,0xA7,0xAB,0x5B,0xFB,0x1E,0x4B,0xB7, | |
329 | 0xB8,0x56,0xF9,0x68,0x27,0x73,0x4C,0x18,0x41,0x38,0xE9,0x15, | |
330 | 0xD9,0xC3,0x00,0x2E,0xBC,0xE5,0x31,0x20,0x54,0x6A,0x7E,0x20, | |
331 | 0x02,0x14,0x2B,0x6C | |
332 | }; | |
333 | static const unsigned char dhtest_2048_224_Z[] = { | |
334 | 0x34,0xD9,0xBD,0xDC,0x1B,0x42,0x17,0x6C,0x31,0x3F,0xEA,0x03, | |
335 | 0x4C,0x21,0x03,0x4D,0x07,0x4A,0x63,0x13,0xBB,0x4E,0xCD,0xB3, | |
336 | 0x70,0x3F,0xFF,0x42,0x45,0x67,0xA4,0x6B,0xDF,0x75,0x53,0x0E, | |
337 | 0xDE,0x0A,0x9D,0xA5,0x22,0x9D,0xE7,0xD7,0x67,0x32,0x28,0x6C, | |
338 | 0xBC,0x0F,0x91,0xDA,0x4C,0x3C,0x85,0x2F,0xC0,0x99,0xC6,0x79, | |
339 | 0x53,0x1D,0x94,0xC7,0x8A,0xB0,0x3D,0x9D,0xEC,0xB0,0xA4,0xE4, | |
340 | 0xCA,0x8B,0x2B,0xB4,0x59,0x1C,0x40,0x21,0xCF,0x8C,0xE3,0xA2, | |
341 | 0x0A,0x54,0x1D,0x33,0x99,0x40,0x17,0xD0,0x20,0x0A,0xE2,0xC9, | |
342 | 0x51,0x6E,0x2F,0xF5,0x14,0x57,0x79,0x26,0x9E,0x86,0x2B,0x0F, | |
343 | 0xB4,0x74,0xA2,0xD5,0x6D,0xC3,0x1E,0xD5,0x69,0xA7,0x70,0x0B, | |
344 | 0x4C,0x4A,0xB1,0x6B,0x22,0xA4,0x55,0x13,0x53,0x1E,0xF5,0x23, | |
345 | 0xD7,0x12,0x12,0x07,0x7B,0x5A,0x16,0x9B,0xDE,0xFF,0xAD,0x7A, | |
346 | 0xD9,0x60,0x82,0x84,0xC7,0x79,0x5B,0x6D,0x5A,0x51,0x83,0xB8, | |
347 | 0x70,0x66,0xDE,0x17,0xD8,0xD6,0x71,0xC9,0xEB,0xD8,0xEC,0x89, | |
348 | 0x54,0x4D,0x45,0xEC,0x06,0x15,0x93,0xD4,0x42,0xC6,0x2A,0xB9, | |
349 | 0xCE,0x3B,0x1C,0xB9,0x94,0x3A,0x1D,0x23,0xA5,0xEA,0x3B,0xCF, | |
350 | 0x21,0xA0,0x14,0x71,0xE6,0x7E,0x00,0x3E,0x7F,0x8A,0x69,0xC7, | |
351 | 0x28,0xBE,0x49,0x0B,0x2F,0xC8,0x8C,0xFE,0xB9,0x2D,0xB6,0xA2, | |
352 | 0x15,0xE5,0xD0,0x3C,0x17,0xC4,0x64,0xC9,0xAC,0x1A,0x46,0xE2, | |
353 | 0x03,0xE1,0x3F,0x95,0x29,0x95,0xFB,0x03,0xC6,0x9D,0x3C,0xC4, | |
354 | 0x7F,0xCB,0x51,0x0B,0x69,0x98,0xFF,0xD3,0xAA,0x6D,0xE7,0x3C, | |
355 | 0xF9,0xF6,0x38,0x69 | |
356 | }; | |
357 | static const unsigned char dhtest_2048_256_xA[] = { | |
358 | 0x08,0x81,0x38,0x2C,0xDB,0x87,0x66,0x0C,0x6D,0xC1,0x3E,0x61, | |
359 | 0x49,0x38,0xD5,0xB9,0xC8,0xB2,0xF2,0x48,0x58,0x1C,0xC5,0xE3, | |
360 | 0x1B,0x35,0x45,0x43,0x97,0xFC,0xE5,0x0E | |
361 | }; | |
362 | static const unsigned char dhtest_2048_256_yA[] = { | |
363 | 0x2E,0x93,0x80,0xC8,0x32,0x3A,0xF9,0x75,0x45,0xBC,0x49,0x41, | |
364 | 0xDE,0xB0,0xEC,0x37,0x42,0xC6,0x2F,0xE0,0xEC,0xE8,0x24,0xA6, | |
365 | 0xAB,0xDB,0xE6,0x6C,0x59,0xBE,0xE0,0x24,0x29,0x11,0xBF,0xB9, | |
366 | 0x67,0x23,0x5C,0xEB,0xA3,0x5A,0xE1,0x3E,0x4E,0xC7,0x52,0xBE, | |
367 | 0x63,0x0B,0x92,0xDC,0x4B,0xDE,0x28,0x47,0xA9,0xC6,0x2C,0xB8, | |
368 | 0x15,0x27,0x45,0x42,0x1F,0xB7,0xEB,0x60,0xA6,0x3C,0x0F,0xE9, | |
369 | 0x15,0x9F,0xCC,0xE7,0x26,0xCE,0x7C,0xD8,0x52,0x3D,0x74,0x50, | |
370 | 0x66,0x7E,0xF8,0x40,0xE4,0x91,0x91,0x21,0xEB,0x5F,0x01,0xC8, | |
371 | 0xC9,0xB0,0xD3,0xD6,0x48,0xA9,0x3B,0xFB,0x75,0x68,0x9E,0x82, | |
372 | 0x44,0xAC,0x13,0x4A,0xF5,0x44,0x71,0x1C,0xE7,0x9A,0x02,0xDC, | |
373 | 0xC3,0x42,0x26,0x68,0x47,0x80,0xDD,0xDC,0xB4,0x98,0x59,0x41, | |
374 | 0x06,0xC3,0x7F,0x5B,0xC7,0x98,0x56,0x48,0x7A,0xF5,0xAB,0x02, | |
375 | 0x2A,0x2E,0x5E,0x42,0xF0,0x98,0x97,0xC1,0xA8,0x5A,0x11,0xEA, | |
376 | 0x02,0x12,0xAF,0x04,0xD9,0xB4,0xCE,0xBC,0x93,0x7C,0x3C,0x1A, | |
377 | 0x3E,0x15,0xA8,0xA0,0x34,0x2E,0x33,0x76,0x15,0xC8,0x4E,0x7F, | |
378 | 0xE3,0xB8,0xB9,0xB8,0x7F,0xB1,0xE7,0x3A,0x15,0xAF,0x12,0xA3, | |
379 | 0x0D,0x74,0x6E,0x06,0xDF,0xC3,0x4F,0x29,0x0D,0x79,0x7C,0xE5, | |
380 | 0x1A,0xA1,0x3A,0xA7,0x85,0xBF,0x66,0x58,0xAF,0xF5,0xE4,0xB0, | |
381 | 0x93,0x00,0x3C,0xBE,0xAF,0x66,0x5B,0x3C,0x2E,0x11,0x3A,0x3A, | |
382 | 0x4E,0x90,0x52,0x69,0x34,0x1D,0xC0,0x71,0x14,0x26,0x68,0x5F, | |
383 | 0x4E,0xF3,0x7E,0x86,0x8A,0x81,0x26,0xFF,0x3F,0x22,0x79,0xB5, | |
384 | 0x7C,0xA6,0x7E,0x29 | |
385 | }; | |
386 | static const unsigned char dhtest_2048_256_xB[] = { | |
387 | 0x7D,0x62,0xA7,0xE3,0xEF,0x36,0xDE,0x61,0x7B,0x13,0xD1,0xAF, | |
388 | 0xB8,0x2C,0x78,0x0D,0x83,0xA2,0x3B,0xD4,0xEE,0x67,0x05,0x64, | |
389 | 0x51,0x21,0xF3,0x71,0xF5,0x46,0xA5,0x3D | |
390 | }; | |
391 | static const unsigned char dhtest_2048_256_yB[] = { | |
392 | 0x57,0x5F,0x03,0x51,0xBD,0x2B,0x1B,0x81,0x74,0x48,0xBD,0xF8, | |
393 | 0x7A,0x6C,0x36,0x2C,0x1E,0x28,0x9D,0x39,0x03,0xA3,0x0B,0x98, | |
394 | 0x32,0xC5,0x74,0x1F,0xA2,0x50,0x36,0x3E,0x7A,0xCB,0xC7,0xF7, | |
395 | 0x7F,0x3D,0xAC,0xBC,0x1F,0x13,0x1A,0xDD,0x8E,0x03,0x36,0x7E, | |
396 | 0xFF,0x8F,0xBB,0xB3,0xE1,0xC5,0x78,0x44,0x24,0x80,0x9B,0x25, | |
397 | 0xAF,0xE4,0xD2,0x26,0x2A,0x1A,0x6F,0xD2,0xFA,0xB6,0x41,0x05, | |
398 | 0xCA,0x30,0xA6,0x74,0xE0,0x7F,0x78,0x09,0x85,0x20,0x88,0x63, | |
399 | 0x2F,0xC0,0x49,0x23,0x37,0x91,0xAD,0x4E,0xDD,0x08,0x3A,0x97, | |
400 | 0x8B,0x88,0x3E,0xE6,0x18,0xBC,0x5E,0x0D,0xD0,0x47,0x41,0x5F, | |
401 | 0x2D,0x95,0xE6,0x83,0xCF,0x14,0x82,0x6B,0x5F,0xBE,0x10,0xD3, | |
402 | 0xCE,0x41,0xC6,0xC1,0x20,0xC7,0x8A,0xB2,0x00,0x08,0xC6,0x98, | |
403 | 0xBF,0x7F,0x0B,0xCA,0xB9,0xD7,0xF4,0x07,0xBE,0xD0,0xF4,0x3A, | |
404 | 0xFB,0x29,0x70,0xF5,0x7F,0x8D,0x12,0x04,0x39,0x63,0xE6,0x6D, | |
405 | 0xDD,0x32,0x0D,0x59,0x9A,0xD9,0x93,0x6C,0x8F,0x44,0x13,0x7C, | |
406 | 0x08,0xB1,0x80,0xEC,0x5E,0x98,0x5C,0xEB,0xE1,0x86,0xF3,0xD5, | |
407 | 0x49,0x67,0x7E,0x80,0x60,0x73,0x31,0xEE,0x17,0xAF,0x33,0x80, | |
408 | 0xA7,0x25,0xB0,0x78,0x23,0x17,0xD7,0xDD,0x43,0xF5,0x9D,0x7A, | |
409 | 0xF9,0x56,0x8A,0x9B,0xB6,0x3A,0x84,0xD3,0x65,0xF9,0x22,0x44, | |
410 | 0xED,0x12,0x09,0x88,0x21,0x93,0x02,0xF4,0x29,0x24,0xC7,0xCA, | |
411 | 0x90,0xB8,0x9D,0x24,0xF7,0x1B,0x0A,0xB6,0x97,0x82,0x3D,0x7D, | |
412 | 0xEB,0x1A,0xFF,0x5B,0x0E,0x8E,0x4A,0x45,0xD4,0x9F,0x7F,0x53, | |
413 | 0x75,0x7E,0x19,0x13 | |
414 | }; | |
415 | static const unsigned char dhtest_2048_256_Z[] = { | |
416 | 0x86,0xC7,0x0B,0xF8,0xD0,0xBB,0x81,0xBB,0x01,0x07,0x8A,0x17, | |
417 | 0x21,0x9C,0xB7,0xD2,0x72,0x03,0xDB,0x2A,0x19,0xC8,0x77,0xF1, | |
418 | 0xD1,0xF1,0x9F,0xD7,0xD7,0x7E,0xF2,0x25,0x46,0xA6,0x8F,0x00, | |
419 | 0x5A,0xD5,0x2D,0xC8,0x45,0x53,0xB7,0x8F,0xC6,0x03,0x30,0xBE, | |
420 | 0x51,0xEA,0x7C,0x06,0x72,0xCA,0xC1,0x51,0x5E,0x4B,0x35,0xC0, | |
421 | 0x47,0xB9,0xA5,0x51,0xB8,0x8F,0x39,0xDC,0x26,0xDA,0x14,0xA0, | |
422 | 0x9E,0xF7,0x47,0x74,0xD4,0x7C,0x76,0x2D,0xD1,0x77,0xF9,0xED, | |
423 | 0x5B,0xC2,0xF1,0x1E,0x52,0xC8,0x79,0xBD,0x95,0x09,0x85,0x04, | |
424 | 0xCD,0x9E,0xEC,0xD8,0xA8,0xF9,0xB3,0xEF,0xBD,0x1F,0x00,0x8A, | |
425 | 0xC5,0x85,0x30,0x97,0xD9,0xD1,0x83,0x7F,0x2B,0x18,0xF7,0x7C, | |
426 | 0xD7,0xBE,0x01,0xAF,0x80,0xA7,0xC7,0xB5,0xEA,0x3C,0xA5,0x4C, | |
427 | 0xC0,0x2D,0x0C,0x11,0x6F,0xEE,0x3F,0x95,0xBB,0x87,0x39,0x93, | |
428 | 0x85,0x87,0x5D,0x7E,0x86,0x74,0x7E,0x67,0x6E,0x72,0x89,0x38, | |
429 | 0xAC,0xBF,0xF7,0x09,0x8E,0x05,0xBE,0x4D,0xCF,0xB2,0x40,0x52, | |
430 | 0xB8,0x3A,0xEF,0xFB,0x14,0x78,0x3F,0x02,0x9A,0xDB,0xDE,0x7F, | |
431 | 0x53,0xFA,0xE9,0x20,0x84,0x22,0x40,0x90,0xE0,0x07,0xCE,0xE9, | |
432 | 0x4D,0x4B,0xF2,0xBA,0xCE,0x9F,0xFD,0x4B,0x57,0xD2,0xAF,0x7C, | |
433 | 0x72,0x4D,0x0C,0xAA,0x19,0xBF,0x05,0x01,0xF6,0xF1,0x7B,0x4A, | |
434 | 0xA1,0x0F,0x42,0x5E,0x3E,0xA7,0x60,0x80,0xB4,0xB9,0xD6,0xB3, | |
435 | 0xCE,0xFE,0xA1,0x15,0xB2,0xCE,0xB8,0x78,0x9B,0xB8,0xA3,0xB0, | |
436 | 0xEA,0x87,0xFE,0xBE,0x63,0xB6,0xC8,0xF8,0x46,0xEC,0x6D,0xB0, | |
437 | 0xC2,0x6C,0x5D,0x7C | |
438 | }; | |
439 | ||
440 | typedef struct | |
441 | { | |
442 | DH * (*get_param)(void); | |
443 | const unsigned char *xA; | |
444 | size_t xA_len; | |
445 | const unsigned char *yA; | |
446 | size_t yA_len; | |
447 | const unsigned char *xB; | |
448 | size_t xB_len; | |
449 | const unsigned char *yB; | |
450 | size_t yB_len; | |
451 | const unsigned char *Z; | |
452 | size_t Z_len; | |
453 | } rfc5114_td; | |
454 | ||
455 | #define make_rfc5114_td(pre) { \ | |
456 | DH_get_##pre, \ | |
457 | dhtest_##pre##_xA, sizeof(dhtest_##pre##_xA), \ | |
458 | dhtest_##pre##_yA, sizeof(dhtest_##pre##_yA), \ | |
459 | dhtest_##pre##_xB, sizeof(dhtest_##pre##_xB), \ | |
460 | dhtest_##pre##_yB, sizeof(dhtest_##pre##_yB), \ | |
461 | dhtest_##pre##_Z, sizeof(dhtest_##pre##_Z) \ | |
462 | } | |
463 | ||
464 | static const rfc5114_td rfctd[] = { | |
465 | make_rfc5114_td(1024_160), | |
466 | make_rfc5114_td(2048_224), | |
467 | make_rfc5114_td(2048_256) | |
468 | }; | |
469 | ||
470 | static int run_rfc5114_tests(void) | |
471 | { | |
472 | int i; | |
473 | for (i = 0; i < (int)(sizeof(rfctd)/sizeof(rfc5114_td)); i++) | |
474 | { | |
475 | DH *dhA, *dhB; | |
476 | unsigned char *Z1 = NULL, *Z2 = NULL; | |
477 | const rfc5114_td *td = rfctd + i; | |
478 | /* Set up DH structures setting key components */ | |
479 | dhA = td->get_param(); | |
480 | dhB = td->get_param(); | |
481 | if (!dhA || !dhB) | |
482 | goto bad_err; | |
483 | ||
484 | dhA->priv_key = BN_bin2bn(td->xA, td->xA_len, NULL); | |
485 | dhA->pub_key = BN_bin2bn(td->yA, td->yA_len, NULL); | |
486 | ||
487 | dhB->priv_key = BN_bin2bn(td->xB, td->xB_len, NULL); | |
488 | dhB->pub_key = BN_bin2bn(td->yB, td->yB_len, NULL); | |
489 | ||
490 | if (!dhA->priv_key || !dhA->pub_key | |
491 | || !dhB->priv_key || !dhB->pub_key) | |
492 | goto bad_err; | |
493 | ||
494 | if ((td->Z_len != (size_t)DH_size(dhA)) | |
495 | || (td->Z_len != (size_t)DH_size(dhB))) | |
496 | goto err; | |
497 | ||
498 | Z1 = OPENSSL_malloc(DH_size(dhA)); | |
499 | Z2 = OPENSSL_malloc(DH_size(dhB)); | |
500 | /* Work out shared secrets using both sides and compare | |
501 | * with expected values. | |
502 | */ | |
503 | if (!DH_compute_key(Z1, dhB->pub_key, dhA)) | |
504 | goto bad_err; | |
505 | if (!DH_compute_key(Z2, dhA->pub_key, dhB)) | |
506 | goto bad_err; | |
507 | ||
508 | if (memcmp(Z1, td->Z, td->Z_len)) | |
509 | goto err; | |
510 | if (memcmp(Z2, td->Z, td->Z_len)) | |
511 | goto err; | |
512 | ||
513 | printf("RFC5114 parameter test %d OK\n", i + 1); | |
514 | ||
515 | DH_free(dhA); | |
516 | DH_free(dhB); | |
517 | OPENSSL_free(Z1); | |
518 | OPENSSL_free(Z2); | |
519 | ||
520 | } | |
521 | return 1; | |
522 | bad_err: | |
523 | fprintf(stderr, "Initalisation error RFC5114 set %d\n", i + 1); | |
524 | ERR_print_errors_fp(stderr); | |
525 | return 0; | |
526 | err: | |
527 | fprintf(stderr, "Test failed RFC5114 set %d\n", i + 1); | |
528 | return 0; | |
529 | } | |
530 | ||
f5d7a031 | 531 | #endif |